Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: HTTP Header Usage Statistics - SANS Internet Storm Center HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
Link
ETag
X-Content-Type-Options
X-Pingback
P3P
X-Frame-Options
X-XSS-Protection
X-Cache
X-AspNet-Version
Content-Language
Age
CF-RAY
X-UA-Compatible
Via
Strict-Transport-Security
X-Adblock-Key
X-Varnish
Access-Control-Allow-Origin
X-Language
X-Check
X-Template
X-Cacheable
X-Generator
X-Buckets
Content-Location
X-Drupal-Cache
X-AspNetMvc-Version
X-Hacker
X-Ac
P3p
X-Powered-By-Plesk
MS-Author-Via
X-Type
X-Request-Id
X-Pass-Why
X-Cache-Group
X-Runtime
Keep-Alive
WP-Super-Cache
Status
X-Iinfo
X-Powered-CMS
Ngpass-Ngall
X-Cache-Hits
Host-Header
X-Permitted-Cross-Domain-Policies
Content-Security-Policy-Report-Only
Access-Control-Allow-Credentials
X-Download-Options
X-UA-Device
X-ShopId
X-ShardId
X-Alternate-Cache-Key
X-Dc
Access-Control-Allow-Headers
X-Mod-Pagespeed
X-Via
X-Pad
X-Request-ID
X-Logged-In
X-Tumblr-Pixel-0
X-Tumblr-User
X-Tumblr-Pixel
Access-Control-Allow-Methods
X-Backend
X-Tumblr-Pixel-1
X-Served-By
X-Server
Content-Security-Policy
X-ServedBy
X-ContextId
X-Tumblr-Pixel-2
X-CDN
X-PC-Key
X-PC-Hit
X-Host
Powered-By
X-Cache-Status
X-Cache-Hit
Upgrade
Content-Encoding
X-Port
X-PC-AppVer
X-PC-Host
X-PC-Date
X-Xss-Protection
X-Robots-Tag
X-Tumblr-Pixel-3
X-Cache-Lookup
X-Timer
MicrosoftOfficeWebServer
X-Accel-Version
MicrosoftSharePointTeamServices
X-Rack-Cache
SPRequestGuid
X-SharePointHealthScore
X-Varnish-Cache
X-Cnection
X-Request-Country
X-XRDS-Location
X-MS-InvokeApp
X-Page-Speed
X-Amz-Cf-Id
X-Seen-By
X-Wix-Renderer-Server
X-Wix-Request-Id
X-Safe-Firewall
X-AH-Environment
X-Turbo-Charged-By
CF-Cache-Status
Rating
X-Content-Powered-By
X-W-DC
X-Server-Powered-By
X-Tumblr-Content-Rating
X-Content-Digest
X-FullPageCaching
X-Ua-Compatible
X-PhApp
X-Cache-Enabled
X-Webserver
X-Tumblr-Pixel-4
X-GitHub-Request-Id
X-Firenze-Processing-Times
Request-Id
Public-Key-Pins
Composed-By
X-INKT-URI
X-INKT-SITE
Alt-Svc
X-Node
SPIisLatency
SPRequestDuration
Served-By
Cf-Railgun
X-Amz-Request-Id
X-Amz-Id-2
X-Proxy-Cache
Liferay-Portal
Permitted-Cross-Domain-Policies
X-HeyJason
X-Spip-Cache
Timing-Allow-Origin
X-Hyper-Cache
X-Server-Name
Surrogate-Key
Xkey
X-Pantheon-Styx-Hostname
X-Pantheon-Endpoint
Surrogate-Key-Raw
X-Styx-Version
X-Styx-Req-Id
Content-Script-Type
X-OneAgent-JS-Injection
Charset
Access-Control-Max-Age
Content-Style-Type
Access-Control-Expose-Headers
X-Content-Security-Policy
X-Swift-CacheTime
X-Swift-SaveTime
EagleId
X-XN-Trace-Token
X-XN-XNHTML
X-CF-Powered-By
Grace
X-FW-Hash
X-SERVER
X-Tumblr-Pixel-5
X-CDN-Pop-IP
X-CDN-Pop
X-Dw-Request-Base-Id
X-Clacks-Overhead
X-FW-Serve
X-FW-Static
X-FW-Type
Access-Control-Allow-Method
X-Hits
Content-MD5
Refresh
X-Drupal-Dynamic-Cache
X-FB-Debug
X-VCache
Public-Key-Pins-Report-Only
X-Fastly-Request-ID
X-Cache-Server
X-Jimdo-Instance
X-Jimdo-Wid
X-Device
X-Loop
Real-Hostname
X-Umbraco-Version
X-User-Agent
X-LJ-Flow-ID
X-TNCMS
X-VWS-Id
X-Gateway
X-Beta
X-AWS-Id
X-Cache-Result
X-Backend-Server
X-MiniProfiler-Ids
X-Generated-By
Edge-Control
X-DDC-Arch-Trace
X-Cache-Config
Cartoon
X-Px
X-Tumblr-Adult-Blog
X-LiteSpeed-Cache
X-Hostname
X-REQUEST-ID
X-Cached-By
X-Cloud-Trace-Context
PageSpeed
X-Powered-By-360WZB
X-Age
X-Url
X-Cached
Surrogate-Control
X-Outils-CS
NS-RTIMER-COMPOSITE
X-DynaTrace-JS-Agent
X-ServerName
Fpc-Cache-Id
X-Tumblr-Pixel-6
Fastly-Debug-Digest
X-CMS-Version
TCN
Response
X-Whom
X-DynaTrace
X-Served-From-Cache
X-WebKit-CSP
X-Middleton-Display
Display
X-Middleton-Response
X-Sol
X-Forwarded-For
X-Recruiting
X-URL
X-From
Product
DynaTrace
X-Content-Options
Imagetoolbar
X-Varnish-Cache-Hits
X-Msg-2-Log
Rt-Fastcgi-Cache
X-Handled-By
ServedBy
X-TTL
X-AspNetWebPages-Version
Powered-By-ChinaCache
X-Country-Code
X-Content-Encoded-By
X-FORWARDED-FOR
Access-Control-Request-Method
X-NetCat-Version
X-Micro-Cache
X-Matrix-Proxy
X-HOST
X-Matrix-Server
X-ApacheServer
X-Firenze-Processing-Time
ServerName
Page-Completion-Status
X-Hosted-By
X-Expires-Orig
X-Origin
Alternate-Protocol
X-Varnish-Host
Ag-Server-Time
Ag-Send-Time
IBM-Web2-Location
Ag-Execution-Time
X-App-Hosting
Fhost
Generator
Front-End-Https
Akamai-IP
Magicmarker
X-Passed-To
X-Actual-URL
X-Magnolia-Registration
X-Original-Request
X-Returned-From
X-Passed-To-DLL
X-Returned-From-DLL
X-Passed-To-PostProcessResponse
X-Passed-To-BeforeDispatch
X-S
X-Do-Not-Hack
X-Returned-From-BeforeDispatch
X-Returned-From-PostProcessResponse
X-PERF
X-Varnish-Backend
X-UD-Method
X-I
X-Track
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Status
X-Stale
X-Varnish-Beresp-Grace
Content-Encoding-Handler
USPLoggingUUID
X-Director
X-Art-Request-Id
X-ATG-Version
Surrogate-Keys
Host
Content-Hash
X-Server-ID
Content-Disposition
X-SDS
X-Duration
X-Platform
X-Varnish-TTL
MIME-Version
X-Version
X-Gamma-Serve
X-Abuse
X-Request-Time
Lsrequestid
X-Varnish-Cacheable
Origin
X-Powered-By-Server
X-CDN-Node
CONTENT-SECURITY-POLICY
X-LiteSpeed-Cache-Control
X-CDN-Cache-Status
X-Cache-Age
X-CacheServer
X-RESOURCE
X-Varnish-Seen-By
X-URLSCHEME
X-Developer
X-Varnish-RemainingTTL
X-BS
ServerID
X-I-Sp
Powered
X-Response-Time
X-Cache-TTL
X-Microcachable
X-VARNISH-Cache
X-Cache-Debug
X-Cache-Control-Orig
X-Cache-Info
X-Grace
CC-CACHE
X-Goog-Hash
X-Cache-Rule
X-SRCache-Store-Status
X-Location-Id
X-Microcache-Status
X-Translation
X-SRCache-Fetch-Status
X-Powered-By-VTEX-Janus-ApiCache
No
Content-Security-Policy-Rerport-Only
X-CJ-Soft
X-Powered-By-VTEX-Janus-Edge
X-Vtex-Processado-Em:
X-Vtex-Remote-Cache
X-VTEX-Janus-Router-Backend-App
X-VTEX-Cache-Status-Janus-Edge
X-VTEX-Cache-Status-Janus-ApiCache
X-Vtex-Processed-At
X-Device-Type
X-DNS-Prefetch-Control
X-Daa-Tunnel
X-Instart-Request-ID
Node
X-Newrelic-App-Data
X-BackEnd
X-Route-Server
X-NoCache
X-DefendeR-Status
X-DefendeR-Runtime
X-Cache-Expires
X-Front
SN
Buuteeq-Source
X-Cache-Tags
X-Varnish-Age
X-Mobilized-By
X-Vcap-Request-Id
X-Cache-Lifetime
X-BC-Stapler
X-Geo-IP
Edge-Control-Message
X-Drectory-Script
X-Cf-Powered-By
X-PwB-Node
X-FW
X-Source
X-ServerID
X-Time
X-Fastcgi-Cache
X-WebServer
Proxy-Agent
X-App-Status
Pics-Label
Server-Info
Cache
X-Akamai-Device-Model
X-Akamai-Device-Characteristics
X-Client-IP
Version
X-Processed-By
Proxy-Connection
NetMindSessionID
X-Orig-Vary
X-N
Accept-Charset
PICS-Label
Webluker-Edge
X-Geo-IP-Region
X-Geo-IPV
X-Varnish-Server
Qs-Cache
X-Frontend
X-Revision
X-Geo-IP-Metro
Nitro-Cache
X-Geo-IP-Country
Decompress
X-B-Cache
X-Discourse-Route
X-Cache-Operation
Arr-Disable-Session-Affinity
X-Ttl
Last-Published
NODE
X-Trace
AMF-Ver
X-UPSTREAM
X-Mobile-URL
Retry-After
X-Real-Server
X-Trace-Cache
X-Purge-URL
X-Engine
SID
X-Processing-Time
X-Varnish-Grace
X-Varnish-IP
Srv
Frame-Options
Cache-Key
Req-Id
X-Blog
X-ClientSide-Caching
X-Yottaa-Optimizations
X-Server-Id
X-Content-Age
X-Varnish-Hostname
X-Speed-Cache
X-Yottaa-Metrics
X-Zen-Fury
WWW-Authenticate
X-SV-Pid
Fastcgi-Cache
X-Purge-Host
Location
X-SV-Nginx-Duration
X-SV-Duration
X-SV-CreatedAt
X-Varnish-RemainingGrace
X-SV-Edge
X-SV-Expires
X-Cookie-Domain
X-SV-CacheTags
Author
X-CDN-Forward
X-Varnish-Hits
X-Speed-Cache-Key
X-SV-FromDBCache
HCVer
SVR
HAVer
Filter-Revision
Accept-Encoding
X-Highwire-SessionId
X-SmartBan-URL
X-Highwire-RequestId
Content-Transfer-Encoding
X-Cache-Doesi
A-Powered-By
X-SmartBan-Host
X-WR-Flags
X-GeoIP-Country-Code
COMMERCE-SERVER-SOFTWARE
X-SE-Debug
X-NginX-Upstream-Response-Time
X-Nginx-Cache
X-NginX-Node
X-NginX-Upstream-Addr
X-NginX-Upstream-Status
X-AbeBooks-Version
X-NginX-Cache-Status
X-Varnish-Count
X-Varnish-ObjectSource
X-Yadis-Location
X-Varnish-GracePeriod
X-ACMCache
X-Varnish-RemainingLife
Cm-Server
X-Varnish-HitMiss
X-Platform-Processor
MJ12bot
Backend
SEOMOZ
X-Platform-Router
Thanks
Mobiquo-Is-Login
X-Hypernode
Cached
X-Rocket-Nginx-Bypass
X-AOL-HN
RTSS
X-StackifyID
X-Page-Cache
X-Cocoon-Version
CacheControlHeader
SRV
X-GeoIP-Country-Name
X-PF-Uncompressing
Nodo
Id
X-Session-Reinit
X-Provisioner-Version
X-Cache-Key
X-Domain-Checked
X-Nginx-Host
LBVIS
X-Server-Upstream
X-Nurl
X-Machine-Name
X-Server-Response-Time
X-Dispatch
X-Nhost
X-NFE
X-TTFB
X-TTFB-L
Front
X-SmugMug-Hiring
Keywords
X-Dynatrace
X-Application-Context
Smug-CDN
X-Env
X-Garden-Version
X-Prefetched
X-SmugMug-Values
X-Empowered-By
X-Origin-Id
X-Resolver-IP
X-Plat
X-Nitra-Side
Rewriter
X-Unique-ID
X-Server-Start-Time
X-TempDebug
IISExport
CT
Logging-CorrelationId
X-Upstream
X-NB-Cached-Page
ORIGIN
WSR-Cache
X-FIRSTBase
X-Ruxit-JS-Agent
X-Amz-Version-Id
Mime-Version
X-NewRelic-App-Data
X-Transaction
X-Connection-Hash
X-Sys-Req-ID
X-Flow-Powered
X-Config-By
X-Twitter-Response-Tags
X-HP-Trace-ID
X-LW-Web-Server
X-ID
Host-Service
Beyond-Iis
Ibf5scheme
X-App
X-Aicache-OS
X-WA-Info
X-HP-Trace-Project
P-WS
X-Sucuri-ID
X-Uid
X-Debug
X-Varnish-Debug-Age
P-LB
X-Obvious-Tid
X-Analytics
Server-Name
X-Distributed-By
Noq
Cpu
Ram
X-Hiawatha-Cache
X-BackendServer
Backend-Timing
X-Obvious-Info
X-App-Server
X-IsCacheURL
X-Grid-Server
X-XTM-Node
Tk
X-PRAM
X-NginX-Cache
Device-Type
BALANCEDTO
Eomportal-Instance
X-NginX-Server
X-Atraveo-ETag
X-Atraveo-Varnish-Server-Id
X-Atraveo-Param-Rm
X-Atraveo-Set-Cookie
X-Atraveo-Zone
X-Atraveo-From-Varnish-Cache
X-Atraveo-TTL
X-Atraveo-Expires
X-Force
X-Atraveo-Cache-Control
X-Server-IP
X-LB
X-Libra-UpstreamHost
X-Framework
X-SRV
From
S
X-Cache-Fix
X-Cache-PageType
X-Kinsta-Cache
X-Varnish-Debug-TTL
X-V
X-BKSrc
LBC
X-Directory-Script
X-LB-Server
VAR-Cache
X-Webcelerate
X-Cache-Control
Real-Server
Allow
X-Platform-Cache
X-SDE-Name
W
X-Src-Webcache
NtCoent-Length
XDomainRequestAllowed
X-Storage
Pool-Info
X-Detected-Device
X-Pressidium-NinukisWP-Ver
X-Cache-Level
ServerTokens
Imx-Cookies-Used
X-Varnish-Action
X-EPiphany-Vid
X-AOL-SNH
X-Dns-Prefetch-Control
X-Amz-Meta-S3cmd-Attrs
X-Balanceador
X-Client-Vid
X-RiS-UFDI
X-Accel-Expires
X-EdgeConnect-MidMile-RTT
X-Worker
X-Distributor
X-WP
Description
X-Smartcache-Timeout
ServerSignature
X-Cache-Engine
X-Dw-Trace-Id
X-Smartcache-Keys
X-EdgeConnect-Origin-MEX-Latency
X-Ec-Custom-Error
XX
X-Do-Esi
X-Magento-Cache-Debug
MW-Webserver
X-Cache-CFC
SiteName
X-Status
X-Middleton-PageSpeed
X-JG-Page-Cache
Section-Io-Id
X-Hosts-Backend
X-Edge-Location
X-DPWN-IS-SECURE
VServer
X-Phpwcms-Page-Processed-In
X-Varnish-Ttl
X-Phpwcms-Release
S-Cnection
X-Dispatcher
NnCoection
X-Srv
ScoreTracker
X-DEBUG
Cneonction
X-Full-URL
X-Source-ID
Ec
Il-Cl
X-DTC
X-Secret
X-Apm-Telemetry-Syncmark
X-B2f-Not-Route
X-Symfony-Cache
CommunityServer
X-Amz-Id-1
SSPAppContext
Hash
Sophnep-Edge-FX
Prxy
N365rili
Beid
X-ATM-RTime
X-Rebelmouse-Cache-Control
X-RDP
X-ProxyInstancename
X-Cache-Original-TTL
X-Rebelmouse-Surrogate-Control
X-Response
X-Key
X-MrHost
X-SilverStripe-Cache
X-Full-Url
IM-Version
X-ServerIndex
X-GSL-Server
X-DSMX-Rewrite-MS
X-DSMX-Render-MS
X-Amz-Meta-Cb-Modifiedtime
X-Browser
X-CB-Server
Sid
Ctx
Accept-Language
Dynatrace
X-ATM-RServer
Content-Server
X-Jphone-Copyright
Ksid
X-DOM
X-IIJ-Cache
Cdate
X-N-ViewType
X-Site:
X-Hit-Cache
Fw-Via
Myheader
OT-RequestId
X-Pagename
WP-Cache
RN-Server
CLMOB
X-Cache-Node
PowerCDN
Hamster
X-ARC
X-Cookie
NLCacheNote
Cache-Rule
X-Cache-Set
X-Captured
X-Rack-CORS
X-Info
SS
X-Adobe-Loc
X-Is-Cachable
X-CacheResult
A
X-Cache-TTL-Remaining
X-Litespeed-Cache
X-Optimization
X-Adobe-Content
X-DealerOn
Warning
X-Avvio-Cms-Cacheload
X-Trace-Id
X-HW
X-Ob-Mode
X-Cache-Keep
X-SERVER-ID
X-XS4ALL-Server
X-Cms-Server
X-Client-Ip
X-Supported-By
D
X-EDGECONNECT-GUID-DEBUG
X-Real-IP
X-Server-Generated
X-REDIRECTSERVER
WP-AdvCache-MemCached
X-Varnish-URL
X-Backend-Name
Www.Myjob.Se
X-F-Cache
X-HeBS-Cache-Status
X-Id
X-HP-CAM-COLOR
CmsCacheEngine
Www.Mirrorgate.Se
Test.Executivepeople.Se
P3P:CP
Open.Jobgate.Se
Jobb.Passal.Se
Jobb.Gil.Se
Www.Mabracertifiering.Se
Jobb.Assistentpoolen.Se
Bios
X-RequestId
X-Clara-ASAP
X-Ocache
X-Cache-Action
X-B
X-ASAP-Cache
X-Wix-Route-ID
X-FreeTag-Count
B-Powered-By
HOST-SERVICE
X-T3CacheTags
X-T3CacheInfo
X-T3Cache
X-ORACLE-DMS-ECID
X-Amz-Storage-Class
If-Modified-Since
X-Vary-Options
X-Node-Name
X-Server-Instance-Name
Set-Cookie2
X-Cms-Mode
Machine
X-WorkerInstancename
SB-Cache-Life
SB-Cache-Remaining
X-APP
SBGI-RenderTime
X-Invoke-Duration
X-Artvisual-Server
X-CCC
Worker
X-Expires
X-Webstats-RespID
X-Frames-Options
PServer
X-CID
X-Time-Microsecs
X-MAT-GEO
X-Akamai-Edgescape
X-PHP-Response-Code
X-Purge-Level
SB-Site-Device
X-Magento-Action
X-Litespeed-Cache-Control
SBGI-5
X-AISO-Cache
X-Actindo-RS
SBGI-10
X-Healthy
X-Old-Content-Length
SBGI-1
X-AISO-Server
SBGI-7
SBGI-9
SBGI-RealPath
Ibm-Web2-Location
Cluster-ID
SBGI-Device
X-Cache-On
X-AWS
X-AISO-Cacheable
X-Esi
NZSpeedy
Ngpass-Vcall
Web
INCOMING-TIME
X-Varnish-Instance
X-Unbounce-VisitorID
X-Oracle-DMS-ECID
X-Medium-Entity-Id
X-Is-Mobile
X-Unbounce-Variant
X-Server-Instance
X-Unbounce-PageId
X-Sid
X-Hosting
X-Medium-Entity-Type
X-Stage
X-ACCELERATE
Xc
X-CACHE-TTL
X-Dev
X-Flex-Evstart
SharePointError
X-Flex-Tags
X-Nginx
X-Flex-Lang
X-Flex-Tag
MageStack-Tag
X-Flex-Lastmod
X-Max-Age
X-Wikidot-Static-Cache
X-W3TC-Minify
Xxxxx-Hit-Count
X-Tags
Xxxxx-Restarts-Count
X-CCM
Xxxxx-Cache
Xxxxx-Age
MageStack-Web-Node
X-Appmachine-Environment
VANITY-HOST
X-Environment
X-ManagedFusion-Rewriter-Version
X-Rewritten-By
Pool
X-ESI
X-Cluster-Node
X-Flex-Community
Host-Name
Fastly-Backend-Name
X-Signature
X-Vhost-ID
CpuTime
X-Flex-Evend
X-Environment-Context
Ttl
Mto-License-Status
X-Backend-TTL
X-Block
X-Cache-Me-Harder
Content-Instance
Cleartype
X-Jcms-Ajax-Id
X-TB-M
X-Your-GrandPa-Would-Wait
Apache
Backend-Name-Original
Server-Id
X-Channel-Maxage
X-Trace-App
X-NewCloud-V-Cache
Access-Control-Allow-Orgin
RouteID
DNNOutputCache
X-VC-TTL
X-MobileDetected
X-EdgeRouter
X-Header
X-Hrouter
X-Hstore
X-L-Path
X-Serendipity-InterfaceLang
Countrycode
At-Shoptype
At-Isb
Ews
X-Requested-Page
Atp-Isdpp
X-We-Are-Hiring
Url-Hash
X-Timing
TP-L2-Cache
TP-Cache
Paypal-Debug-Id
IsMobile
X-AccessDev
X-GeoIP
Server-ID
X-TTL-Age
X-Would-Your-GrandPa-Wait
X-Serendipity-InterfaceLangSource
X-HTML-Minification-Powered-By
X-Does-He-Have-Time
Note
X-OCTOPOD
X-Beatles
X-Beatles-Hits
X-Wikidot-Backend
X-Ghost-Cache-Status
GenSvr
X-Sn-Servicetimems
Max-Age
Publisher
X-ETag
Requested-Host
X-SATserver
X-RateLimit-Remaining
X-LW-T
X-JSESSIONID
X-MCF-ID
X-Orig-Host
X-Powered-By-Home.Pl
X-Pagely-Cache
X-Runtime-Memory
X-Xhr-Current-Location
X-Server-Addr
X-RealServer
X-SV
AGI-Request-ID
X-AG-MIPS
Provider
X-Proto
X-Meta-MSThemeCompatible
MSThemeCompatible
MSSmartTagsPreventParsing
X-Gannett-Site-Version
X-Meta-Imagetoolbar
X-Meta-MSSmartTagsPreventParsing
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-Fpc
X-LS-DEBUG
X-HASH
X-Magento-Cache-Control
X-Rot
MageStack-PageSpeed
X-Sov
X-Geo
X-Desc
SINA-TS
SINA-LB
User-Cache-Control
DPOOL-HEADER
X-Cache-Extended
X-Box
X-VG-WebCache
AsisCache
Device
X-PM-ID
INFO
Kanooh-Host
X-B3-Traceid
Og
X-PG
X-HAProxy
TotalTime
Backend-Node
Webserver
X-EntryPoint
X-Fallback
X-DataDome
X-Author
X-SeschatDID
X-Seschat-URL
X-SeschatLayout
X-SeschatRedID
X-SeschatTemplateID
X-Server-By
X-HITS
X-EZPublish-NodeID
X-EZPublish-InstallationID
X-Hit
MageStack-Cache-Lifetime
MageStack-Cache-Hits
X-Turpentine-Cache
X-Turpentine-Esi
X-FastCGI-Cache
X-Varnish-Set-Cookie
X-Varnish-Store
Cmsid
Aurora-Node
Cmstype
MageStack-Area
MageStack-Cache
X-Varnish-Currency
X-Varnish-Esi-Access
X-Varnish-Esi-Method
MageStack-Cache-Status
X-Remote-Addr
MageStack-Cacheable
X-Country
X-RSS-CACHE-STATUS
X-BE
Foglight-Request-UUID
X-Span
MageStack-Debug
MageStack-Config
X-FCMS-Cache
MageStack-Loadbalancer
X-HostName
Resin-Trace
Cxy-All
Lfy
X-Mod-Oboe-PS
X-Ratelimit-Remaining
VC-NoCache
X-HOSTNAME
X-COUNTRY-CODE
X-Restarts
Head
Servername
X-GRACE
X-Dynatrace-Js-Agent
X-Varnish-Backend-Healthy
X-Varnish-Error-Restart
X-Rack-Cors
X-SID
X-MSU-SOURCE
Content
X-Brought-To-You-By
X-WR-MODIFICATION
X-Magento-Tags
BlockPHPCallEnd
RATING
DB-Nickname
Tempo
X-Delivered-By
NKBVHEADER
POOL
X-DeliveryServer
QC-Hit
X-A
X-Forwarded-Proto
X-Application
X-Cluster-Host
Debug-Status
X-Wm-1
X-Wm-VIP
QC-Time
X-E
X-Dynamic
QC-Key
XDisk
FindLaw
X-Clx-Request
X-Ratelimit-Limit
X-Cache-Handler
X-ESI-Enable
X-FFX-B
X-WHOIS-Cached
EXT-CACHEEXPIRE
Edgecast
X-Content-Type
X-Batcache
X-Enhanced-By
Cteonnt-Length
V-Age
Www.Aujourdhui.Com
X-Goog-Generation
X-Goog-Metageneration
X-Goog-Storage-Class
X-Goog-Stored-Content-Encoding
X-Goog-Stored-Content-Length
X-Device-Group
X-ATP-Server
X-Pb-Mii
X-Mii-Cache-Hit
X-GUploader-UploadID
X-Client-Image-Vid
X-Varnish-Cache-Control
X-EvoSuite-Machine
X-Zendesk-User-Id
X-EvoSuite-Secs
X-OpenCart-Lightning
X-BeResp-Ttl
X-DB-NAR
X-Airee-Node
X-Bcwwwid
X-Cache-Origin
X-Capoed
X-Process-Time
X-Zendesk-Origin-Server
X-Test
X-Cache-ID
X-ASAP-Age
Lookup-Cache-Hit
X-Instance-Name
User-Agent
X-Ratelimit-Reset
Httpd-Identifier
X-PF-CACHE-FAILED
NodeId
OriginServer
X-TempoPesquisa
X-DN-Cache-Control
X-DB-Content-Length
X-DN-GyrobaseID
X-Compressed-By
X-4ormat-Cacheable
Server-Optimized-By
X-T
SLB
X-Webkit-CSP
MwpReleaseVersion
Hosted-By
X-Gyrobase-Publication
X-IP-Address
Dispatcher
X-Accel-Cache-Control
X-Backend-Ip
X-ServedByHost
ServerIP
Expiries
X-Pj-Cache-Key
X-Pj-Cache-Status
X-RAMCache
X-Route
X-Rq
X-Obr-Rule
X-Cacheable-TTL
X-Compressor
X-Hcom-Origin-Id
X-Hcom-Styx-Info
X-BServer
X-BPool
SL-NOREWRITE-REDIRECTS
X-Ants-Host
X-Ants-Machine-Id
AC-ELC
X-Nucleus-Cache
X-Protected-By
X-Pardot-LB
X-Hash
VM
BKREF
X-Pardot-Route
X-PBY
X-VhostID
X-Render-Time
X-PHP
RequestId
X-S-Misc
X-Nginx-Backend
X-Cache-Backend
X-Fedora-School-Id
X-Highwire-Sitecode
X-AUSERNAME
X-MCB-Server
X-Content-Security-Policy-Report-Only
X-Catalyst
ResourceTag
X-Hosting-Env
Session-Id
X-Cache-Device-Type
X-Nginx-Request-Time
X-ASEN
X-7d-Trace-Id
X-7d-Instance-Id
X-WebNode
Charly
X-PageType
X-OneLinkTook
X-AREQUESTID
X-OneLinkHost
X-OneLinkProcessing
X-OneLinkServiceType
ReqUrl
Pw-Value
X-ACLR-Version
X-Cache-Via
Content-Cache
X-DDM-SERVER
Tracker
X-AppServer-Cache-Rule
X-Generation-Time
X-Fe
X-D-Time
X-AppServer-Status
X-DDM-SERVER-UPDATED
X-Pageid
X-Webapp
Nginx-Cache
NS-VaryByCustom-Key
Public-Extension
X-UseReverse-Proxy
X-PoweredBy
X-Router
X-Router-Backend
X-Site-Name
X-SuperCache
Expire